Summary: | CSP 1.1: Strip URLs in SecurityPolicyViolationEvents, just as we do for POSTed violation reports. | ||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Mike West <mkwst> | ||||||||||
Component: | New Bugs | Assignee: | Mike West <mkwst> | ||||||||||
Status: | RESOLVED FIXED | ||||||||||||
Severity: | Normal | CC: | abarth, jochen, mkwst+watchlist, webkit.review.bot | ||||||||||
Priority: | P2 | ||||||||||||
Version: | 528+ (Nightly build) | ||||||||||||
Hardware: | Unspecified | ||||||||||||
OS: | Unspecified | ||||||||||||
Bug Depends on: | |||||||||||||
Bug Blocks: | 85558, 113033 | ||||||||||||
Attachments: |
|
Description
Mike West
2013-03-22 03:40:15 PDT
Created attachment 194500 [details]
Patch
Hey Adam! I obviously need to rebase this patch to fix whatever didn't apply correctly, but perhaps you can take a look in the meantime? It's a fairly large oversight on my part in the initial implementation. :/ Thanks! Created attachment 194810 [details]
Patch
Hey Jochen! Since Adam is out, would you mind taking a look at this patch? Created attachment 194818 [details]
Patch
(In reply to comment #5) > Created an attachment (id=194818) [details] > Patch Jochen noted that we're doing the wrong thing with 'file:' URIs. Normally, I'd break that out into a separate patch, but I'm not sure it's worth it in this case. The current patch fixes both issues by changing the 'if' to 'if (!url.isHierarchical() || url.protocolIs("file"))'. I'm also happy to break that (and the new test it brings with it) out to a separate patch if you think that'd be clearer. Comment on attachment 194818 [details]
Patch
ok
(In reply to comment #7) > (From update of attachment 194818 [details]) > ok Cool. I'll CQ it once the mac bots join the happy crowd. Thanks! Created attachment 194830 [details]
Patch
Comment on attachment 194830 [details]
Patch
Carrying over the r+, CQing after fixing the platform-specific results for the new test.
Comment on attachment 194830 [details] Patch Clearing flags on attachment: 194830 Committed r146758: <http://trac.webkit.org/changeset/146758> All reviewed patches have been landed. Closing bug. |